fix backtracking vulnerability in block.pedantic.html as in markedjs#1083

Feder1co5oave · Feder1co5oave · commit e20dd0276e5b · 2018-03-08T20:55:35.000+01:00
diff --git a/lib/marked.js b/lib/marked.js
@@ -119,7 +119,7 @@ block.pedantic = merge({}, block.normal, {
   html: edit(
     '^ *(?:comment *(?:\\n|\\s*$)'
     + '|<(tag)[\\s\\S]+?</\\1> *(?:\\n{2,}|\\s*$)' // closed tag
-    + '|<tag(?:"[^"]*"|\'[^\']*\'|\\s[^\'"/>]*)*?/?> *(?:\\n{2,}|\\s*$))')
+    + '|<tag(?:"[^"]*"|\'[^\']*\'|\\s[^\'"/>\\s]*)*?/?> *(?:\\n{2,}|\\s*$))')
     .replace('comment', block._comment)
     .replace(/tag/g, '(?!(?:'
       + 'a|em|strong|small|s|cite|q|dfn|abbr|data|time|code|var|samp|kbd|sub'
